similar to: AD returns only one group for all users

I am attempting to use winbind for Telnet authentication but winbind pam doesn't recognize ads realm or smb.conf workgroup..see error snapshot. pdtsun03 is hostname of solaris 10 ADS domain member running samba 3.0.11. "net ads join" worked..."net ads user" returns all MYADSDOMAIN users and samba shares work from both unix and NT side. one note..After make install, I

Dear list, How do I test whether I have access to my winbind LDAP backend from my Solaris 9 machine? My LDAP database is held on a Redhat 9.0 machine also running Samba 3.0.0. I know winbind works because getent and wbinfo show up my NT users and groups. I would also like to have people log into my Solaris 9 machine with their NT usernames, I have this working on Redhat already but Solaris is

I'm trying to setup a Solaris 10 Sparc station to authenticate users on login with Windows ADS. I have found the documentation for this but having no luck in getting the pam modules to work. Here is what I have done so far: Compiling Kerberos MIT5-1.8.3: cd into the src directory ./configure --prefix=/opt/local gmake gmake install Compiling Samba 3.5.6: setenv CFLAGS "-O2"

I sent this the other day, but did not get any replies, can anyone help? Hi All, I have a sparc solaris 8 server running samba 2.2.11 (which i complied with winbind). The server has been running for years and has about 20 local users setup using local files for openssh and rexec logins, and samba shares. They each use samba to map to their home directory and a common shared folder. They also

I've googled my heart out, but I cannot see an example of ssh authentication with Active Directory and winbindd, particularly on Solaris 10. I have it working on Solaris 8 with telnet, but I'm trying to break my users of telnet. Has anyone got it working? If so, would you be willing to share the global section of your smb.conf and pam.conf with me? Is there something I need to put in one

We already have a large complement of Unix users that are also Windows users but we also have non-unix users that need access to some samba shares. How can I setup samba so that Users who already have a Unix account will get that account and home directory when they connect through samba but valid domain users that do not already have a Unix account will authenticate through winbind and get the

Update: Success!!!! The corrective action was to move the below pam.conf settings to the top of each section. auth sufficient /usr/lib/security/pam_winbind.so try_first_pass account sufficient /usr/lib/security/pam_winbind.so try_first_pass session sufficient /usr/lib/security/pam_winbind.so try_first_pass -----Original Message----- From: Garrett, Joseph Sent: Thursday,

Hi ya'll- I've got this odd openssh problem with Solaris 10 I was hoping someone could shed some light on. Not sure if it is a bug... Basically I'm trying to use pubkeys as an auth method, but am having issues. I can log in using passwords no problem, but as soon as it notices a matching public key it closes the connection. I ran the sshd server (on Solaris 10 box) in debug

Message follows this disclaimer -------------------------------------------------------------------------------------------------- This email and any files transmitted with it is confidential and intended solely for the person or organisation to whom it is addressed. If you are not the intended recipient, you must not read, copy or disseminate the information or take any action in reliance on it

Gang, For those who asked about making a Solaris system a Kerberos client to Active Directory, the magic document to have is: http://www.connectathon.org/seam1.0/files/c0101.htm See the section "How to Configure a SEAM Client Using a Windows 2000 KDC". SEAM was Sun's Kerberos client stuff in Solaris 8; it is just there as part of Solaris 9 and 10. These instructions apply if

Hi, I'm running Samba Version 3.0.25c on Solaris 10 8/07 on X86 hardware. It's successfully joined to AD. But, and there always is a but, if : * A user is a member of SomeGroup * and the share alllows SomeGroup to access it * and SomeGroup is NOT what the user has set as their Primary Group in Active Directory then * Samba will recognize that the user can access the share * but,

Hi, I am trying to setup PAM for telnet on my solaris 9 box and the pam_winbind grant me access but I recieve a acount failure: Jul 4 13:29:59 clusterix1 pam_winbind[9688]: user 'patrikg' granted acces Jul 4 13:29:59 clusterix1 login[9688]: login account failure: Permission denied The values in pam.conf for winbind is: login auth required /usr/lib/security/pam_winbind.so other

I've gone back to 3.0.1 to try and get winbind to work with my Solaris 9 machine and NT4 domain. Everything works except user authentication. The wbinfo and getent commands do what they are supposed to. I've included a truss of 'su - ganguly' According to pamlog, the user 'ganguly' has been granted access but it is still hanging. How do I do a truss of a telnet login?

Is possible authenticate in active directory 2003r2 with ldap (dovecot-ldap), but not using pam_ldap ? I have problem, faileds. I need example of the dovecot-ldap.conf for this authentication. Help, please. Best Regards !

https://bugzilla.mindrot.org/show_bug.cgi?id=2378 Bug ID: 2378 Summary: Allow login to a role using Hostbased auth on platforms supporting PAM_AUSER Product: Portable OpenSSH Version: 6.8p1 Hardware: Sparc OS: Solaris Status: NEW Severity: enhancement Priority: P5

maybe this is a silly question ;-) But why is it possible to login on a machine with a locked account (passwd -l ) via pubkey-authentication (authorized_keys) ? I use OpenSSH3.01p1on Solaris8 with PAM support so I thought this should not happen. If this is the normal behaviour and built in intentionally what would be the easiest way to lock an account without deleting the users authorized_keys ?

Hello, (I'm sorry for my previous message with the wrong subject; I'll just do it over again) I have a Solaris 10 machine (SunOS 5.10 Generic_118833-18 sun4u sparc) installed with Samba Version 3.0.23a. Samba has been compiled from source with PAM modules. The modules 'pam_smbpass.so' and 'pam_winbind.so' reside at: /usr/local/samba/lib/security smb.conf is located at

Hi All. This patch calls pam_chauthtok() to change an expired password via PAM during keyboard-interactive authentication (SSHv2 only). It is tested on Redhat 8 and Solaris 8. In theory, it should have simply been a matter of calling pam_chauthtok with the PAM_CHANGE_EXPIRED_AUTHTOK flag, it'd only change the password is if it's expired, right? From the Solaris pam_chauthtok man page:

Hello Samba team, On our Solaris 10u8 system with the exact config, I'm able to set both Active Directory user and group permissions. On our OpenIndiana system I'm able to set Active Directory *user* permissions but when I try to set Active Directory group permission it fails. Here is the command along with the error: /usr/bin/chmod

Hello, I am running into some strange (to me) behavior trying to upgrade from 3.6.1p2 to 3.8p1 on Solaris 8. All of my machines are running 3.6.1p2 (Linux boxes have had RH errata applied). When I ssh with my AFS account name from any of them to the Solaris 8 box running 3.6.1p2, it responds with "afsuser at machine's password:". Once the password is given, I am logged in just